Cyber attack security controls
Assign topic to the user
Answer:
I'm assuming that your doubt is which standard can provide better guidance in the identification of cyber attack security controls and precaution measures.
Considering that, the standard of choice is the ISO 27001, which provides general recommendations for information security that can be adapted for cyber security.
Regarding definition of responsibilities, business continuity related to ISO 27001 is focused on disaster recovery of IT infrastructur e, so if your organization's needs for business continuity go beyond that (i.e., the potential impacts go beyond information-related issues), probably the responsibility should remain with BCM.
For further information, please see:
- How to use ISO 22301 for the implementation of business continuity in ISO 27001 https://advisera.com/27001academy/blog/2015/06/15/how-to-use-iso-22301-for-the-implementation-of-business-continuity-in-iso-27001/
Comment as guest or Sign in
Jul 25, 2019